The Japanese Financial Services Agency is to introduce tighter controls for cryptocurrency exchanges in order to prevent a repeat of the $500 million Coincheck hack of January 2018.
Cryptocurrencies were accepted as legal payment methods in Japan as of April 2017[1], marking the country as one of the most supportive of the emerging new digital economy. In January 2018, hackers stole[2] over $500 million worth of NEM tokens in an attack on the Japanese exchange Coincheck.
Since the Coincheck hack, which was also preceded by the collapse of the Tokyo-based MtGox[3] exchange, the Japanese government has been working to protect cryptocurrency investors in the country.
"We need to introduce a new perspective in reviews of registrations," said the Financial Services Agency (FSA) in April. "The registration process would go beyond mere documentation and include preliminary visits that make detailed investigations into how operations are managed."
Cryptocurrency exchanges need to register with the Japanese government via the FSA and will now be subject to five key requirement criteria, as reported[4] by the Nikkei Asian Review.
- Exchanges in Japan will have stricter standards on system management and will have to employ cold storage of the cryptocurrency they hold, meaning they cannot store it on internet-connected computers. Additionally, they will have to ensure that any currency transfers use multiple authentication methods. In the Coincheck theft, the stolen NEM had been stored in a "hot wallet."
- For large transfers, customer identities will need to be verified to prevent money laundering.
- Customer assets will need to be managed separately from the exchanges' own assets, and the exchanges will need to ensure that employees will not be able to use client funds.
